|
tech
newsgroups
|
|||||||||||||||||||||||
|
|||||||||||||||||||||||
Internal Interface used in NAT - what is it?I've set up NAT routing and there is an additional interface called
"Internal" which gets an IP from the DCHP server. What is this used for? I thought that Internal was used by RAS? mikej This is normal when you enable Remote Access. The link below explains
his. --- Steve http://support.microsoft.com/default.aspx?scid=kb;en-us;241398 Show quote "mike.james" <mike.ja***@infomaxgroup.co.uk> wrote in message news:UNOdnejB69R_R4zfRVnyrg@eclipse.net.uk... > I've set up NAT routing and there is an additional interface called > "Internal" > which gets an IP from the DCHP server. > What is this used for? > I thought that Internal was used by RAS? > mikej > "Steven L Umbach" <n9rou@nospam-comcast.net> wrote in message Thanks for the link but this only makes me more confused.news:eXhz$92EFHA.3648@TK2MSFTNGP10.phx.gbl... > This is normal when you enable Remote Access. The link below explains > is. --- Steve > > http://support.microsoft.com/default.aspx?scid=kb;en-us;241398 > It says that Internal represents all RAS devices - which is fine but I'm not wanting to use RAS just a NAT router. Am I to suppose that NAT routing uses some part of RAS? mikej Yes NAT is part of Remote Access. You need to enable Remote Access to enable
NAT. --- Steve Show quote "mike.james" <mike.ja***@infomaxgroup.co.uk> wrote in message news:R_mdnUWVvOV0v4_fRVnysA@eclipse.net.uk... > > "Steven L Umbach" <n9rou@nospam-comcast.net> wrote in message > news:eXhz$92EFHA.3648@TK2MSFTNGP10.phx.gbl... >> This is normal when you enable Remote Access. The link below explains >> s. --- Steve >> >> http://support.microsoft.com/default.aspx?scid=kb;en-us;241398 >> > > Thanks for the link but this only makes me more confused. > It says that Internal represents all RAS devices - which is fine but I'm > not wanting to use RAS just a NAT router. > Am I to suppose that NAT routing uses some part of RAS? > mikej > > Yes NAT is part of Remote Access. You need to enable Remote Access to Ok so I need it if I'm using NAT - this brings me to the real part of the > enable > NAT. --- Steve > > question. The IP address it grabs ends up registered in DNS - ok I managed to stop it doing this but I can't stop it from registering in WINS and taking part in broadcast resolution under NetBIOS. As the NAT router is also the PDC the result is that we have lost network browsing. Its a matter of chance which IP address for the PDC the client gets - if they get the Internal Interface then they don't get a browse list. Any thoughts? mikej I don't know if this will help or not but on your external adapter make sure
file and print sharing, Client for Microsoft Networks, and netbios over tcp/ip are all disabled and any wins records deleted/tombstoned for that adapter. Also in network connections go to advanced/advanced settings and make sure the internal network adapter is at the top of the list. Having a multihomed domain controller or using a domain controller as a Remote Access Server is not a good idea and should be avoided if at all possible as conflicts will arise particularly for the pdc fsmo which also is the domain master browser. A NAT router device would allow you to eliminate that problem from your domain controller. --- Steve http://support.microsoft.com/default.aspx?scid=http://support.microsoft.com:80/support/kb/articles/q135/4/04.asp&NoWebContent=1 Show quote "mike.james" <mike.ja***@infomaxgroup.co.uk> wrote in message news:LPOdnadvKs09hY7fRVnyvQ@eclipse.net.uk... > >> Yes NAT is part of Remote Access. You need to enable Remote Access to >> enable >> NAT. --- Steve >> >> > > Ok so I need it if I'm using NAT - this brings me to the real part of the > question. > The IP address it grabs ends up registered in DNS - ok I managed to stop > it doing this but I can't stop > it from registering in WINS and taking part in broadcast resolution under > NetBIOS. > As the NAT router is also the PDC the result is that we have lost network > browsing. > Its a matter of chance which IP address for the PDC the client gets - if > they get the Internal Interface then they > don't get a browse list. > > Any thoughts? > mikej > --
Please note our change of email address. All addresses of the form x@infomax.demon.co.uk should be changed to x@InfomaxGroup.co.uk "Steven L Umbach" <n9rou@nospam-comcast.net> wrote in message I've tried this and it doesn't solve the problemnews:uoNHWwKFFHA.1188@tk2msftngp13.phx.gbl... >I don't know if this will help or not but on your external adapter make >sure file and print sharing, Client for Microsoft Networks, and netbios >over tcp/ip are all disabled and any wins records deleted/tombstoned for >that adapter. > Also in network connections go to advanced/advanced settings and make sure Haven't tried this - looking into it now.> the internal network adapter is at the top of the list. > Having a multihomed domain controller or using a domain controller as a I've heard the advice before but I think its just an admission of falure.> Remote Access Server is not a good idea and should be avoided if at all > possible as conflicts will arise particularly for the pdc fsmo which also > is the domain master browser. A NAT router device would allow you to > eliminate that problem from your domain controller. --- Steve > What is says - translated into plain English is - if you have a PDC that is also acting as a router then your network browsing will stop working. A lot of small networks have just a single Win 2003 server that does exactly both jobs. As it happens I've got a NAT router in a box ready for when I give up trying to get Win 2003 to do a job it should be capable of :-( Thanks for the advice though - I'll let you (and the group know) if I manage to get it work. mikej > It doesn't solve the problem.>> Also in network connections go to advanced/advanced settings and make >> sure the internal network adapter is at the top of the list. > > Haven't tried this - looking into it now. The internal IP address slowly but surely adds itself to the WINS registrations for the PDC and associated entries. As long as it isn't registered domain browsing works fine. I've even thought of writing a script to delete it from the WINS server ever few minutes - this wouldn't stop it from joining in broadcast resolution but it would make everything work most of the time. This is a very silly "feature" of Windows 2000/2003 - is there really no better solution than "don't do it". mikej The following link may be helpful if it your domain controller is also a
wins server. It does not specifically mention NAT but it does show a registry entry that may help. Another option may be to disable the computer browser service on your domain controller and then another server or computer in the network would pick up that role. If you do such try to find a computer that will be on all the time and give it priority to be a master browser, otherwise you could end up with frequent browser elections. --- Steve http://support.microsoft.com/kb/q292822/ http://www.windowsnetworking.com/kbase/WindowsTips/WindowsNT/RegistryTips/Network/PreferredMasterBrowser.html --- how to configure preferred master browser. Show quote "mike.james" <mike.ja***@infomaxgroup.co.uk> wrote in message news:LOWdnakqPeeu5YnfRVnyuQ@eclipse.net.uk... > >> >>> Also in network connections go to advanced/advanced settings and make >>> sure the internal network adapter is at the top of the list. >> >> Haven't tried this - looking into it now. > > It doesn't solve the problem. > The internal IP address slowly but surely adds itself to the WINS > registrations for the PDC and associated entries. > As long as it isn't registered domain browsing works fine. > I've even thought of writing a script to delete it from the WINS server > ever few minutes - this wouldn't stop it from joining in broadcast > resolution but it would make everything work most of the time. > > This is a very silly "feature" of Windows 2000/2003 - is there really no > better solution than "don't do it". > mikej > --
Please note our change of email address. All addresses of the form x@infomax.demon.co.uk should be changed to x@InfomaxGroup.co.uk "Steven L Umbach" <n9rou@n0-spam-for-me-comcast.net> wrote in message I think I've finally solved the problem - but there might be undesirable news:iIKdnUzwD8EBe4nfRVn-jg@comcast.com... > The following link may be helpful if it your domain controller is also a > wins server. It does not specifically mention NAT but it does show a > registry entry that may help. Another option may be to disable the > computer browser service on your domain controller and then another server > or computer in the network would pick up that role. If you do such try to > find a computer that will be on all the time and give it priority to be a > master browser, otherwise you could end up with frequent browser > elections. --- Steve effects so tell me if you think there is a problem. All I did, and why I didn't try this sooner I have no idea, is to add a static record for the PDC and one for the Workgroup with the single valid IP. The WINS server then created a couple of more static records that I didn't ask it to using the same IP. Since then the IP associated with the internal interface hasn't appeared. Its now 24 hours and everything seems to be working fine. Clearly the rule about replication not over writing a static by a dynamic WINS record applies to registration. I know that static records in WINS can be a problem but given that the PDC has to have a fixed IP (the only machine in the network that does) then I can't see any problem with assigning it a static WINS record is any more of a problem than manually creating a DNS record for it (say). Any references to the use of static WINS records that might help me see what is happening more clearly? mikej If that works then I would not worry about it as long as using static IP
address. I thought that those records had existed all along and that the "internal" adapter was adding additional records causing the problem. --- Steve Show quote "mike.james" <mike.ja***@infomaxgroup.co.uk> wrote in message news:lfqdnT5ST75gIYjfRVnyig@eclipse.net.uk... > > > -- > Please note our change of email address. All addresses of the form > x@infomax.demon.co.uk should be changed to x@InfomaxGroup.co.uk > "Steven L Umbach" <n9rou@n0-spam-for-me-comcast.net> wrote in message > news:iIKdnUzwD8EBe4nfRVn-jg@comcast.com... >> The following link may be helpful if it your domain controller is also a >> wins server. It does not specifically mention NAT but it does show a >> registry entry that may help. Another option may be to disable the >> computer browser service on your domain controller and then another >> server or computer in the network would pick up that role. If you do such >> try to find a computer that will be on all the time and give it priority >> to be a master browser, otherwise you could end up with frequent browser >> elections. --- Steve > > I think I've finally solved the problem - but there might be undesirable > effects so tell me if you think there is a problem. > > All I did, and why I didn't try this sooner I have no idea, is to add a > static record for the PDC and one for the Workgroup with the single valid > IP. The WINS server then created a couple of more static records that I > didn't ask it to using the same IP. Since then the IP associated with the > internal interface hasn't appeared. Its now 24 hours and everything seems > to be working fine. > > Clearly the rule about replication not over writing a static by a dynamic > WINS record applies to registration. > > I know that static records in WINS can be a problem but given that the PDC > has to have a fixed IP (the only machine in the network that does) then I > can't see any problem with assigning it a static WINS record is any more > of a problem than manually creating a DNS record for it (say). > > > Any references to the use of static WINS records that might help me see > what is happening more clearly? > > mikej > --
Please note our change of email address. All addresses of the form x@infomax.demon.co.uk should be changed to x@InfomaxGroup.co.uk "Steven L Umbach" <n9rou@nospam-comcast.net> wrote in message Those records had indeed existed all along but as dynamic records.news:eqKsTCjFFHA.2608@TK2MSFTNGP10.phx.gbl... > If that works then I would not worry about it as long as using static IP > address. I thought that those records had existed all along and that the > "internal" adapter was adding additional records causing the problem. --- > Steve The internal adaptor was able to add its IP address to the records for the PDC so making it "multi-homed" and causing all the problems. As WINS doesn't seem to change static records with a single correct IP address in this seems to solve the problem. Its two days since I made the change and the WINS directory seems to be fine with no sign of the internal adaptor's IP and network browsing has been stable for that time. If it really is this easy I can't understand why the KB doesn't have it as a simple fix instead of all the dire warnings about "don't do it". mikej  
Other interesting topics
|
|||||||||||||||||||||||
